
CVSS: 9.1 • EPSS: 43% • CPEs: 8 • EXPL: 0

07 Feb 2003 — Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. • http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2

CVSS: 7.5 • EPSS: 4% • CPEs: 8 • EXPL: 0

07 Feb 2003 — Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. • http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2

CVSS: 9.8 • EPSS: 0% • CPEs: 18 • EXPL: 1

31 Dec 2002 — Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability. • http://marc.info/?l=bugtraq&m=103480856102007&w=2

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

31 Dec 2002 — IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error message when a request is made for a non-existent Java Server Page (JSP). • http://marc.info/?l=bugtraq&m=103726020802411&w=2

CVSS: 7.5 • EPSS: 3% • CPEs: 2 • EXPL: 3

31 Dec 2002 — mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script. • https://www.exploit-db.com/exploits/21854 • CWE-667: Improper Locking

CVSS: 9.1 • EPSS: 4% • CPEs: 1 • EXPL: 0

31 Dec 2002 — Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. • http://www.iss.net/security_center/static/7810.php

CVSS: 9.1 • EPSS: 70% • CPEs: 10 • EXPL: 2

31 Dec 2002 — PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string. • https://www.exploit-db.com/exploits/21204

CVSS: 5.0 • EPSS: 2% • CPEs: 13 • EXPL: 0

31 Dec 2002 — Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities. • http://www.apache.org/dist/httpd/CHANGES_1.3

CVSS: 7.5 • EPSS: 4% • CPEs: 1 • EXPL: 5

31 Dec 2002 — Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request. • https://www.exploit-db.com/exploits/22063 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 7.8 • EPSS: 12% • CPEs: 36 • EXPL: 2

31 Dec 2002 — Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values. • https://www.exploit-db.com/exploits/22068 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer